This is the accessible text file for GAO report number GAO-12-627
entitled 'National Medicaid Audit Program: CMS Should Improve
Reporting and Focus on Audit Collaboration with States' which was
released on June 14, 2012.
This text file was formatted by the U.S. Government Accountability
Office (GAO) to be accessible to users with visual impairments, as
part of a longer term project to improve GAO products' accessibility.
Every attempt has been made to maintain the structural and data
integrity of the original printed product. Accessibility features,
such as text descriptions of tables, consecutively numbered footnotes
placed at the end of the file, and the text of agency comment letters,
are provided but may not exactly duplicate the presentation or format
of the printed version. The portable document format (PDF) file is an
exact electronic replica of the printed version. We welcome your
feedback. Please E-mail your comments regarding the contents or
accessibility features of this document to Webmaster@gao.gov.
This is a work of the U.S. government and is not subject to copyright
protection in the United States. It may be reproduced and distributed
in its entirety without further permission from GAO. Because this work
may contain copyrighted images or other material, permission from the
copyright holder may be necessary if you wish to reproduce this
material separately.
United States Government Accountability Office:
GAO:
Report to Congressional Requesters:
June 2012:
National Medicaid Audit Program:
CMS Should Improve Reporting and Focus on Audit Collaboration with
States:
GAO-12-627:
GAO Highlights:
Highlights of GAO-12-627, a report to congressional requesters.
Why GAO Did This Study:
Medicaid, the joint federal-state health care financing program for
certain low-income individuals, has the second-highest estimated
improper payments of any federal program. The Deficit Reduction Act of
2005 expanded the federal role in Medicaid program integrity, and the
Centers for Medicare & Medicaid Services (CMS), the federal agency
that oversees Medicaid, established the MIG, which designed the NMAP.
Since the NMAP’s inception, the MIG has used three different audit
approaches: test, MSIS, and collaborative. This report focuses on (1)
the effectiveness of the MIG’s implementation of NMAP, and (2) the
MIG’s efforts to redesign the NMAP. To do this work, GAO analyzed MIG
data, reviewed its contractors’ reports, and interviewed MIG
officials, contractor representatives, and state program integrity
officials.
What GAO Found:
What GAO Found
Compared to the initial test audits and the more recent collaborative
audits, the majority of the Medicaid Integrity Group’s (MIG) audits
conducted under the National Medicaid Audit Program (NMAP) were less
effective because they used Medicaid Statistical Information System
(MSIS) data. MSIS is an extract of states’ claims data and is missing
key elements, such as provider names, that are necessary for auditing.
Since fiscal year 2008, 4 percent of the 1,550 MSIS audits identified
$7.4 million in potential overpayments, 69 percent did not identify
overpayments, and the remaining 27 percent were ongoing. In contrast,
26 test audits and 6 collaborative audits-—which used states’ more
robust Medicaid Management Information System (MMIS) claims data and
allowed states to select the audit targets-—together identified more
than $12 million in potential overpayments. Furthermore, the median
amount of the potential overpayment for MSIS audits was relatively
small compared to test and collaborative audits.
Figure: Number of Audits and Potential NMAP Overpayments and through
February 2012:
[Refer to PDF for image: 2 pie-charts]
Number of audits performed:
MSIS audits: 1,550 (92%);
Collaborative audits: 112 (7%);
Test audits: 27 (2%).
Potential overpayment:
MSIS audits: 59 of 1,550 (37%): $7.4 million;
Collaborative audits: 6 of 112 (22%): $4.4 million;
Test audits: 26 of 27 (41%): $8.1 million.
Source: GAO analysis of CMS data.
[End of figure]
The MIG reported that it is redesigning the NMAP, but has not provided
Congress with key details about the changes it is making to the
program, including the rationale for the change to collaborative
audits, new analytical roles for its contractors, and its plans for
addressing problems with the MSIS audits. Early results showed that
this collaborative approach may enhance state program integrity
activities by allowing states to leverage the MIG’s resources to
augment their own program integrity capacity. However, the lack of a
published plan detailing how the MIG will monitor and evaluate NMAP
raises concerns about the MIG’s ability to effectively manage the
program. Given that NMAP has accounted for more than 40 percent of MIG
expenditures, transparent communications and a strategy to monitor and
continuously improve NMAP are essential components of any plan seeking
to demonstrate the MIG’s effective stewardship of the resources
provided by Congress.
What GAO Recommends:
GAO recommends that the CMS Administrator ensure that the MIG’s
(1) update of its comprehensive plan provide key details about the
NMAP, including its expenditures and audit outcomes, program
improvements, and plans for effectively monitoring the program; (2)
future annual reports to Congress clearly address the strengths and
weaknesses of the audit program and its effectiveness; and (3) use of
NMAP contractors supports and expands states’ own program integrity
efforts through collaborative audits. HHS partially concurred with
GAO’s first recommendation commenting that CMS’s annual report to
Congress was a more appropriate vehicle for reporting NMAP results
than its comprehensive plan. HHS concurred with the other two
recommendations.
View [hyperlink, http://www.gao.gov/products/GAO-12-627]. For more
information, contact Carolyn L. Yocom at (202) 512-7114 or
yocomc@gao.gov.
[End of section]
Contents:
Letter:
Background:
The Majority of the MIG's NMAP Audits Were MSIS Audits, Which Were
Less Effective than Other Audit Approaches:
MIG's Redesign of the NMAP Has Potential Advantages, but MIG Has Not
Been Transparent about Key Details of the Program's Redesign:
Conclusions:
Recommendations for Executive Action:
Agency Comments and Our Evaluation:
Appendix I: Status of Medicaid Statistical Information System (MSIS)
Audits:
Appendix II: Information on Medicaid Statistical Information System
Audits that Identified Potential Overpayments:
Appendix III: Status of Collaborative Audits:
Appendix IV: Comments from the Department of Health and Human Services:
Appendix V: GAO Contact and Staff Acknowledgments:
Related GAO Products:
Tables:
Table 1: Comparison of Data Sources for NMAP Audits:
Table 2: Status of MSIS Audits, by Fiscal Year of Assignment and Audit
Stage Conducted through February 2012:
Table 3: Number of Successful MSIS Audits, by State and Provider Type:
Table 4: Amount of Potential Overpayments Identified by Successful
MSIS Audits, by State and Provider Type:
Table 5: Status of Collaborative Audits, by Fiscal Year of Assignment
and Audit Stage:
Table 6: Number of Successful Collaborative Audits, by State and
Provider Type:
Table 7: Amount of Potential Overpayments Identified by Successful
Collaborative Audits, by State and Provider Type:
Figures:
Figure 1: Review Contractor Activities for MSIS Audits:
Figure 2: Audit Contractor Activities for MSIS Audits:
Figure 3: NMAP Contractor Expenditures and Audit Timeline, Fiscal
Years 2007-2011:
Figure 4: Number of Audits and Total Potential Overpayments Identified
and Sent to States for Recoupment (in millions of dollars) by Audit
Approach, through February 2012:
Figure 5: Status of 1,550 Medicaid Statistical Information System
(MSIS) Audits Conducted through February 2012:
Abbreviations:
CMS: Centers for Medicare & Medicaid Services:
DRA: Deficit Reduction Act of 2005:
HHS: Department of Health and Human Services:
MIG: Medicaid Integrity Group:
MMIS: Medicaid Management Information System:
MSIS: Medicaid Statistical Information System:
NMAP: National Medicaid Audit Program:
OIG: Office of Inspector General:
T-MSIS: Transformed MSIS:
[End of section]
United States Government Accountability Office:
Washington, DC 20548:
June 14, 2012:
The Honorable Thomas R. Carper:
Chairman:
The Honorable Scott P. Brown:
Ranking Member:
Subcommittee on Federal Financial Management, Government Information,
Federal Services and International Security:
Committee on Homeland Security and Governmental Affairs:
United States Senate:
The Honorable Tom Coburn:
Ranking Member:
Permanent Subcommittee on Investigations:
Committee on Homeland Security and Governmental Affairs:
United States Senate:
The Centers for Medicare & Medicaid Services (CMS) estimated that
$21.9 billion (8 percent) of Medicaid's federal expenditures of $270
billion in fiscal year 2011 involved improper payments, the second
highest amount reported by any federal program.[Footnote 1] Improper
payments include those made for treatments or services that were not
covered by program rules, that were not medically necessary, or that
were billed for but never provided.[Footnote 2] Since 2001, we have
reported numerous times on improper payments and our concerns about
the adequacy of fiscal oversight in Medicaid.[Footnote 3] The
challenges inherent in overseeing a program of Medicaid's size and
diversity make the program vulnerable to improper payments. Because of
the program's risk of improper payments, as well as insufficient
federal and state oversight, Medicaid has been on our list of high-
risk programs since January 2003.[Footnote 4]
The Medicaid program consists of 56 distinct state-based programs that
operate within broad federal guidelines.[Footnote 5] States are the
first line of defense against Medicaid improper payments.
Specifically, they must ensure the qualifications of the providers who
bill the program, detect improper payments, recover overpayments, and
refer suspected cases of fraud and abuse to law enforcement
authorities. At the federal level, CMS is responsible for oversight of
the Medicaid program. Until the Deficit Reduction Act of 2005 (DRA),
Medicaid program integrity had been primarily a state responsibility.
[Footnote 6] The DRA created the Medicaid Integrity Program to oversee
and support state efforts and, among other actions, directed CMS to
hire contractors to review and audit state Medicaid claims data, which
CMS calls the National Medicaid Audit Program (NMAP). CMS established
the Medicaid Integrity Group (MIG) to implement these DRA provisions.
[Footnote 7]
You asked us to examine CMS's oversight of and support for states'
efforts to prevent and reduce improper payments in Medicaid. This
report focuses on: (1) the effectiveness of the MIG's implementation
of the NMAP and (2) the MIG's efforts to redesign the NMAP. We are
reporting on the MIG's implementation and redesign of the NMAP because
of its potential duplication of state activities and because it has
accounted for over 40 percent of the approximately $75 million the MIG
spends annually on Medicaid program integrity. A subsequent report
will examine additional CMS activities that oversee and support state
Medicaid program integrity.
To address both of our reporting objectives, we analyzed NMAP data
provided by the MIG and interviewed MIG officials. We assessed the
reliability of these data and found them sufficiently reliable for our
purposes. In addition, we reviewed annual lessons-learned reports
submitted by the MIG's review and audit contractors and interviewed
representatives of each type of contractor. We also interviewed
program integrity officials in 11 states to obtain their perspectives
on the NMAP and collected additional information from 8 states where
the MIG has recently implemented changes to the NMAP. The 11 states
were: Arizona, California, Connecticut, Florida, Kentucky, New York,
Ohio, Pennsylvania, Texas, Washington, and Wisconsin. We selected
these states because of their geographic diversity and because
together they accounted for more than half of all Medicaid spending
and beneficiaries. Separately, we contacted the 9 states where CMS had
implemented changes to the NMAP to obtain their perspective on the
redesign--Arkansas, California, Idaho, Maryland, Mississippi, New
Jersey, Ohio, Texas, and Washington. California did not respond to our
questions regarding the redesign. We reviewed relevant Department of
Health and Human Services Office of the Inspector General (HHS-OIG)
reports, and interviewed HHS-OIG officials involved in early
assessments of the MIG's review and audit contractors. We conducted
this audit work between July 2011 and June 2012 in accordance with
generally accepted government auditing standards. Those standards
require that we plan and perform the performance audit to obtain
sufficient, appropriate evidence to provide a reasonable basis for our
findings and conclusions based on our audit objectives. We believe
that the evidence obtained provides a reasonable basis or our findings
and conclusions based on our audit objectives.
Background:
The MIG has taken three different approaches since establishing the
NMAP--test audits, Medicaid Statistical Information System (MSIS)
audits, and collaborative audits.[Footnote 8] In each approach,
contractors conducted post payment audits, that is, they reviewed
medical documentation and other information related to Medicaid claims
that had already been paid. The key differences among the three NMAP
approaches were (1) the data sources used to identify audit targets,
and (2) the roles assigned to states and contractors. In June 2007,
the MIG hired a contractor to conduct test audits, and it implemented
MSIS audits beginning in December 2007 by hiring separate review and
audit contractors for each of five geographic areas of the country.
Collaborative audits were introduced in January 2010.
Test Audits:
In June 2007, the MIG hired a contractor to conduct test audits in
five states.[Footnote 9] Working with the MIG and the states, the
contractor audited 27 providers. States provided the initial audit
targets based on their own analysis of Medicaid Management Information
System (MMIS) data. MMIS are mechanized claims processing and
information retrieval systems maintained by individual states, and
generally reflect real-time payments and adjustments of detailed
claims for each health care service provided. In some cases, states
provided samples of their claims data with which to perform the
audits, and in other cases states provided a universe of paid claims
that the MIG's contractor analyzed to derive the sample. Twenty-seven
test audits were conducted on hospitals, physicians, dentists, home
health agencies, medical transport vendors, and durable medical
equipment providers.
MSIS Audits:
In December 2007, while test audits were still under way, the MIG
began hiring review and audit contractors to implement MSIS audits.
[Footnote 10] MSIS audits differed from the test audits in three ways.
* First, MSIS audit targets were selected based on the analysis of
Medicaid Statistical Information System (MSIS) data. MSIS is a
national data set collected and maintained by CMS consisting of
extracts from each state's MMIS, including eligibility files and paid
claims files that were intended for health care research and
evaluation activities but not necessarily for auditing. As a subset of
states' more detailed MMIS data files, MSIS data do not include
elements that can assist in audits, such as the explanations of
benefit codes and the names of providers and beneficiaries. In
addition, MSIS data are not as timely because of late state
submissions and the time it takes CMS's contractor to review and
validate the data.[Footnote 11] MIG officials told us that they chose
MSIS data because the data were readily available for all states and
the state-based MMIS data would require a significant amount of
additional work to standardize across states. (See table 1 below.)
* Second, MSIS audits were conducted over a wider geographic area; 44
states have had MSIS audits, compared with the small number of states
selected for test audits.
* Third, MSIS audits use two types of contractors--review contractors
to conduct data analysis and help identify audit leads, and audit
contractors to conduct the audits. In the test audits, the states
provided the initial audit leads.
Table 1: Comparison of Data Sources for NMAP Audits:
Overview;
Medicaid Management Information System (MMIS): MMIS is a Medicaid
claims processing and information system used by states for
management, oversight and reporting of their Medicaid program
operations and costs. MMIS is more complete and is updated more often
than MSIS;
Medicaid Statistical Information System (MSIS): MSIS is a national
eligibility and claims database used by CMS to analyze Medicaid
program characteristics and utilization of services, and to generate
reports on national Medicaid populations and expenditures. MSIS is a
subset of MMIS and updates are sent to CMS on a quarterly basis.
Maintained by;
Medicaid Management Information System (MMIS): States;
Medicaid Statistical Information System (MSIS): CMS.
Geographic coverage;
Medicaid Management Information System (MMIS): Individual states;
Medicaid Statistical Information System (MSIS): All states.
Use in National Medicaid Audit Program (NMAP);
Medicaid Management Information System (MMIS): Test audits and
collaborative audits;
Medicaid Statistical Information System (MSIS): MSIS audits.
Source: GAO.
[End of table]
Review contractors. The MIG's two review contractors analyze MSIS data
to help identify potential audit targets in an analytic process known
as data mining. The MIG issues monthly assignments to these
contractors, and generally allows the contractors 60 days to complete
them. For each assignment, the MIG specifies the state, type of
Medicaid claims data, range of service dates, and algorithm (i.e., a
specific set of logical rules or criteria used to analyze the
data).[Footnote 12] The work of the review contractor is summarized in
an algorithm findings report, which contains lists of providers ranked
by the amount of their potential overpayment. The January through June
2010 algorithm reports reviewed by the HHS-OIG identified 113,378
unique providers from about 1 million claims.[Footnote 13] The MIG's
Division of Fraud Research & Detection oversees the technical work of
the review contractors. A summary of the review contractor activities
for MSIS audits is shown in figure 1.
Figure 1: Review Contractor Activities for MSIS Audits:
[Refer to PDF for image: illustration]
Assignment:
* MIG makes monthly analytic assignments in collaboration with the
review contractor.
Analysis and validation:
* Review contractor uses MSIS data to conduct the assignment[A];
* Review contractor sends a sample of results from the assignment to
state for validation;
* State determines whether the algorithms used match state policies
and validates overpayments in the sample[B].
Completion:
* Review contractor enters results into MIG data system and submits an
algorithm findings report to the MIG[C].
* MIG reviews the algorithm findings report and may either accept or
fail the report, or hold it for further analysis.
Source: GAO.
[A] MSIS data are in a data repository supplied by the MIG.
[B] An algorithm is a specific set of logical rules or criteria used
to analyze data. An algorithm may be used to check for conflicting or
duplicate claims, such as identifying billed home health care for a
time period when the beneficiary was in the hospital, or duplicate
prescriptions filled at different pharmacies.
[C] There may be cases where the contractor does not submit an
algorithm findings report.
[End of figure]
Audit contractors. The MIG's audit contractors conduct postpayment
audits of Medicaid providers. Audit leads are selected by the MIG's
Division of Field Operations, generally by looking at providers across
one or more applicable algorithms to determine if they have been
overpaid or demonstrated egregious billing patterns. From the hiring
of audit contractors in December 2007 through February 2012, the
division assigned 1,550 MSIS audits to its contractors.[Footnote 14]
During an audit, the contractor may request and review copies of
provider records, interview providers and office personnel, or visit
provider facilities. If an overpayment is identified, the contractor
drafts an audit report, which is shared with the provider and the
state. Ultimately, the state is responsible for collecting any
overpayments in accordance with state law and must report this
information to CMS. A summary of the audit contractor activities is
shown in figure 2.
Figure 2: Audit Contractor Activities for MSIS Audits:
[Refer to PDF for image: illustration]
Assignment:
* MIG selects audit leads, and contacts states to ensure that audits
do not duplicate state audits or interfere with ongoing investigations.
Auditing:
* Based on leads from review contractors, audit contractors notify the
providers and request documentation;
* Audit work involves reviewing provider records and interviewing
providers and personnel.
Reporting:
* Audit contractor prepares draft audit report, which is sent to the
provider and the state for review and comment[A];
* Based on provider and state comments, the contractor sends a final
report to the MIG;
* MIG examines the audit report and, when it is considered complete,
the final audit report is sent to the state.
Collection:
* State pursues and collects overpayment.
Source: GAO.
Note: MSIS audit activities generally end after the final audit report
is sent to the state, though the audit contractor may provide support
to states during hearings and appeals.
[A] If there are no findings or the overpayments are determined to be
too low to merit collection, then the audit contractor submits a Low-
No Findings report to the MIG.
[End of figure]
Collaborative Audits:
In June 2011, CMS released its fiscal year 2010 report to Congress,
which outlined a redesign of the NMAP with an approach that closely
resembled the test audits. The report described the redesign as an
effort to enhance the NMAP and assist states with their program
integrity priorities. CMS refers to this new approach as collaborative
audits. In these collaborative audits, MIG and its contractor
primarily used MMIS data and leveraged state resources and expertise
to identify audit targets.[Footnote 15] In contrast, MSIS audits used
separate review contractors and MSIS data to generate lists of
providers with potential overpayments, and the MIG selected the
specific providers to be audited.[Footnote 16]
NMAP Contractor Expenditures:
From June 2007 through February 2012, payments to the contractors for
test, MSIS, and collaborative audits totaled $102 million.[Footnote
17] On an annual basis, these contractor payments account for more
than 40 percent of all of the MIG's expenditures on Medicaid program
integrity activities. Contractor payments rose from $1.3 million in
fiscal year 2007 and reached $33.7 million in fiscal year 2011. (See
figure 3.) The total cost of the NMAP is likely greater than $102
million because that figure does not include expenditures on the
salaries of MIG staff that support the operation of the program.
Figure 3: NMAP Contractor Expenditures and Audit Timeline, Fiscal
Years 2007-2011:
[Refer to PDF for image: line graph]
Fiscal year 2007:
Test audits begin, June;
Expenditures: $1.3 million.
Fiscal Year 2008:
MSIS audits begin, September;
Expenditures: $3.8 million.
Fiscal Year 2009:
Expenditures: $19.9 million.
Fiscal Year 2010:
Collaborative audits begin, January;
Expenditures: $30.6 million.
Fiscal Year 2011:
Test audits end, December;
Expenditures: $33.7 million.
Source: GAO analysis of CMS data.
Notes: Data include expenditures on contractors for test audits,
Medicaid Statistical Information System audits, and collaborative
audits. They do not include salaries of Medicaid Integrity Group staff
supporting NMAP audit activities. The NMAP contractor expenditures for
the first 5 months of fiscal year 2012 totaled $12.3 million but are
not included in the figure above.
[End of figure]
The Majority of the MIG's NMAP Audits Were MSIS Audits, Which Were
Less Effective than Other Audit Approaches:
The MSIS audits were less effective in identifying potential
overpayments than test and collaborative audits. The main reason for
the difference in audit results was the use of MSIS data. According to
MIG officials, they chose MSIS data because the data were readily
available for all states, they are collected and maintained by CMS,
and are intended for health care research and evaluation activities.
However, the MSIS audits were not well coordinated with states, and
duplicated and diverted resources from states' program integrity
activities.
MSIS Audits Were Less Effective than Test and Collaborative Audits:
Compared with test and collaborative audits, the return on MSIS audits
was significantly lower. As of February 2012, a small fraction of the
1,550 MSIS audits identified $7.4 million in potential overpayments.
In contrast, 26 test audits and 6 collaborative audits together
identified $12.5 million in potential overpayments (see figure 4.)
Appendix II provides details on the characteristics of MSIS audits
that successfully identified overpayments. While the newer
collaborative audits have not yet identified more in overpayments than
MSIS audits, only 6 of the 112 collaborative audits have final audit
reports (see appendix III), suggesting that the total overpayment
amounts identified through collaborative audits will continue to grow.
[Footnote 18] In addition, the MSIS audits identified potential
overpayments for much smaller amounts. Half of the MSIS audits were
for potential overpayments of $16,000 or less, compared to a median of
about $140,000 for test audits and $600,000 for collaborative audits.
Figure 4: Number of Audits and Total Potential Overpayments Identified
and Sent to States for Recoupment (in millions of dollars) by Audit
Approach, through February 2012:
[Refer to PDF for image: 2 pie-charts]
Number of audits performed:
MSIS audits: 1,550 (92%);
Collaborative audits: 112 (7%);
Test audits: 27 (2%).
Potential overpayment:
MSIS audits: 59 of 1,550 (37%): $7.4 million;
Collaborative audits: 6 of 112 (22%): $4.4 million;
Test audits: 26 of 27 (41%): $8.1 million.
Source: GAO analysis of CMS data.
Notes: Test audits were conducted from 2007 through 2010. Medicaid
Statistical Information System (MSIS) audits began in 2008 and are
ongoing. Collaborative audits began in 2010 as part of the redesign of
the NMAP and are also ongoing. Dollar amounts shown are potential
overpayments in final audit reports sent to states for recovery. They
do not reflect the amounts in draft audit reports or the amounts
actually recovered by the states. Percentages may not total 100
because of rounding.
[End of figure]
Poor MSIS Audit Results Were Due Largely to the Use of Inadequate Data:
The use of MSIS data was the principal reason for the poor MSIS audit
results, that is, the low amount of potential overpayments identified
and the high proportion of unproductive audits.[Footnote 19] Over two-
thirds (69 percent) of the 1,550 MSIS audits assigned to contractors
through February 2012 were unproductive, that is, they were
discontinued (625), had low or no findings (415), or were put on hold
(37).[Footnote 20] (See figure 5.) Our findings are consistent with an
early assessment of the MIG's audit contractors, which cited MSIS data
issues as the top reason that MSIS audits identified a lower amount of
potential overpayments.[Footnote 21]
Figure 5: Status of 1,550 Medicaid Statistical Information System
(MSIS) Audits Conducted through February 2012:
[Refer to PDF for image: pie-chart and subchart]
Audit reports: 23%;
Ongoing audits: 8%;
Unproductive audits: 69%:
* Discontinued: 58%;
* Low or no overpayments: 39%;
* On hold: 3%.
Source: GAO analysis of CMS data.
Note: Unproductive Medicaid Statistical Information System (MSIS)
audits include those that were discontinued, had low or no
overpayments, or were put on hold. Ongoing audits includes audits
assigned and in the implementation phase. Audit reports include final
audit reports (4 percent) and draft audit reports (19 percent).
[End of figure]
State program integrity officials, the HHS-OIG, and its audit
contractors told the MIG that MSIS data would result in many false
leads because the data do not contain critical audit elements,
including provider identifiers; procedure, product, and service
descriptions; billing information; and beneficiary and eligibility
information.[Footnote 22] For example, the MIG assigned 81 MSIS audits
in one state because providers appeared to be billing more than 24
hours of service in a single day. However, all of these audits were
later discontinued because the underlying data were incomplete and
thus misleading; the audited providers were actually large practices
with multiple personnel, whose total billing in a single day
legitimately exceeded 24 hours. One state official told us that when
states met with the MIG staff during the roll out of the Medicaid
Integrity Program, the state officials emphasized that (1) MSIS data
could not be used for data mining or auditing because they were
'stagnant,' i.e., MSIS does not capture any adjustments that are
subsequently made to a claim and (2) MMIS data were current and states
would be willing to share their MMIS data with CMS. In their annual
lessons-learned reports, the audit and review contractors told the MIG
that the MSIS data were not timely or accurate, and recommended that
the MIG help them obtain access to state MMIS data.[Footnote 23]
Nevertheless, the MIG continued to assign MSIS-based audits to its
contractors; 78 percent of MSIS audits (1,208) were assigned after the
August 2009 HHS-OIG report.
MIG officials told us that they chose MSIS data because the data were
readily available for all states, they are collected and maintained by
CMS, and are intended for health care research and evaluation
activities. However, when considering the use of MSIS data, officials
said that they were aware that the MSIS data had limitations for
auditing and could produce many false leads. MIG officials also told
us that collecting states' MMIS data would have been burdensome for
states and would have resulted in additional work for the review
contractors because they would need to do a significant amount of work
to standardize the MMIS data to address discrepancies between the
states' data sets. However, officials in 13 of the 16 states we
contacted volunteered that they were willing to provide the MIG with
MMIS data if asked to do so. In addition, the review contractors have
had to do some work to standardize the state files within the MSIS
maintained by CMS.
MSIS Audits Were Not Well Coordinated with States and Diverted
Resources from States' Program Integrity Activities:
The MIG did not effectively coordinate MSIS audits with states and as
a result, the MIG duplicated state program integrity activities.
Officials from several states we interviewed noted that some of the
algorithms used by the review contractor were identical to or less
sophisticated than the algorithms they used to identify audit leads.
An official in one state told us that even after informing the
contractor that its work would be duplicative, the review contractor
ran the algorithm anyway. Officials in another state told us that the
MIG was unresponsive to state assertions that it had a unit dedicated
to reviewing a specific category of claims and the MIG was still
pursuing audits for this provider type. State officials also cited
general coordination challenges, including difficulty communicating
with contractors. MIG officials acknowledged that poor communications
resulted in the pursuit of many false leads that had not been
adequately vetted by the states. In addition, representatives of a
review contractor we interviewed told us that states did not always
respond to requests to validate overpayments in the algorithm samples
provided and the MIG may not have been aware of the lack of a state
response when making audit assignments.
State officials we interviewed told us that the review contractors'
lack of understanding of state policy also contributed to the
identification of false leads, even though (1) the MIG required its
contractors to become familiar with each state's Medicaid program, and
(2) the MIG reviewed state policies as a quality assurance step prior
to assigning leads to its audit contractors. Nonetheless, one state
official described how the MIG and its review and audit contractors
had mistakenly identified overpayments for federally qualified health
centers because they assumed that centers should receive reduced
payments for an established patient on subsequent visits. In fact,
centers are paid on an encounter basis, which uses the same payment
rate for the first and follow-up visits.
Officials in seven of the states we spoke with described the resources
involved in assisting the MIG and its contractors. For example, states
told us that they had assigned staff to: (1) review the algorithms
used by review contractors to generate potential audit leads; (2)
review lists of audit leads created by the MIG; and (3) provide
information and training on state-level policies to audit contractors.
One state official described how it had clinical staff rerun
algorithms using the state's data system to see if the audit targets
chosen by the MIG had merit.[Footnote 24] In cases where the state
staff found that the MIG was pursuing a false lead, the state had to
provide the MIG and its contractors with detailed explanations of why
the suspect claims complied with state policies. While the state
officials we spoke with did not estimate the cost of their involvement
in MSIS audits, officials in some states said that participation in
MSIS audits diverted staff from their regular duties. MIG officials
told us they were sensitive to state burden and had attempted to
minimize it.
MIG's Redesign of the NMAP Has Potential Advantages, but MIG Has Not
Been Transparent about Key Details of the Program's Redesign:
MIG's redesigned NMAP focuses on collaborative audits, which may
enhance state Medicaid program integrity activities, and it also
intends to continue using MSIS data in some audits. As part of its
NMAP redesign, the MIG has assigned new activities to its review
contractors, but it is too early to assess their benefit. CMS has not
reported to Congress key details about the changes it is making to the
NMAP, including the rationale for the redesign of the program, but it
plans to discuss these changes in its upcoming 2012 strategic plan.
Collaborative Audits Enhance States' Program Integrity Activities; MIG
also Plans to Continue Using MSIS Data in Some Audits:
As part of its redesign, the MIG launched collaborative audits with a
small number of states in early 2010 to enhance the MIG's program and
assist states with their own program integrity priorities. The MIG did
not have a single approach for collaborative audits. For example, one
state told us that the MIG's audit contractor suggested that together
they discuss conducting a collaborative audit with the MIG while in
another state a collaborative audit was initiated by the MIG, with the
audit contractor's role limited to assistance during the audit (rather
than leading it).
Generally, collaborative audits allow states to augment their own
program integrity audit capacity by leveraging MIG's and its
contractors' resources. For example, officials from six of the eight
states we interviewed told us the services targeted for collaborative
audits were those that the state did not have sufficient resources to
effectively audit on its own. In some cases, the MIG's contractor
staff conducted additional audits. In others, contractors were used to
assess the medical necessity of claims when the states' programs
needed additional clinical expertise to make a determination.
Officials from most of the states we interviewed agreed that the
investment in collaborative audits was worthwhile but some told us
that collaborative audits created some additional work for states. For
example, two state programs reported that their staff was involved in
training the MIG's contractor staff. In one of these states, state
program staff dedicated a full week to train the MIG's audit
contractor so that the contractor's work would be in accordance with
state policies. Another state program official reported that staff had
to review all audits and overpayment recovery work, leading to a
"bottleneck" in the state's own program integrity activities.
Officials in one state suggested that the collaborative audits could
be improved if the MIG formalized a process for communicating and
resolving disagreements related to audit reports, and minimized the
changing of contractors in order to reduce the burden on states. Most
states were in favor of expanding the number of collaborative audits.
According to the MIG, the agency plans to expand its use of
collaborative audits to as many states as are willing to participate.
In fact, officials indicated that they are discussing collaborative
audits with an additional 12 states.
MIG officials noted that they do not foresee the collaborative audits
completely replacing audits based on MSIS data. According to MIG
officials, NMAP audits using MSIS data might be appropriate in certain
situations, including audits of state-owned and operated facilities
and states that are not willing to collaborate, as part of the MIG's
oversight responsibilities. The MIG recognizes that MSIS-based audits
are hampered by deficiencies in the data, and noted that CMS has
initiatives under way to address these deficiencies through the
Medicaid and CHIP Business Information and Solutions Council (MACBIS).
MACBIS is an internal CMS governance body responsible for data
planning, ongoing projects, and information product development.
According to MIG officials, MACBIS projects include efforts to reduce
the time from state submission of MSIS data to the availability of
these data; automation of program data; improvements in encounter data
reporting; and automation, standardization, and other improvements in
MSIS data submissions. One MACBIS project is known as Transformed MSIS
(T-MSIS), which aims to add 1,000 additional variables to MSIS for
monitoring program integrity and include more regular MMIS updates.
MIG officials told us that CMS is currently engaged in a 10-state
pilot to develop the data set for T-MSIS, and anticipates that T-MSIS
will be operational in 2014.[Footnote 25]
Changes to the Role of Review Contractors Too Early to Assess:
As part of its NMAP redesign, the MIG has assigned new activities to
the review contractors. Because these activities are new, it is too
early to assess their benefit. Although the review contractors were
not involved in early collaborative audits, the MIG expects that they
will be involved in future collaborative audits based on these new
activities.
In redesigning the NMAP, the MIG tasked its review contractors in
November 2011 with using MSIS data to compare state expenditures for a
specific service to the national average expenditure for that service
to identify states with abnormally high expenditures. Once a state (or
states) with high expenditures is identified, then discussions are
held with the states about their knowledge of these aberrations and
recovery activities related to the identified expenditures. According
to MIG officials, such cross-state analyses were recently initiated
and thus have not yet identified any potential audit targets. The
review contractor also indicated that it would continue to explore
other analytic approaches to identify causes of aberrant state
expenditures.
Additionally, as part of its redesign of the program's audits, the MIG
instructed its review contractors in November 2011 to reexamine
successful algorithms from previously issued final algorithm reports.
According to the MIG, the purpose of this effort is to identify the
factors that could better predict promising audit targets and thereby
improve audit target selection in the future. Although some MSIS
audits identified potential overpayments, the value of developing a
process using MSIS data to improve audit target selection in the
future is questionable.[Footnote 26] According to the MIG, MSIS audits
are continuing but on a more limited scale and with closer
collaboration between states and the MIG's contractors.
CMS Has Not Reported Key Details of Its NMAP Redesign to Congress:
In its 2010 annual report to Congress on the Medicaid Integrity
Program, CMS announced that it was redesigning the NMAP in an effort
to enhance MIG programs and assist states with their program integrity
priorities, but it did not provide key details regarding the changes.
For example, the report did not mention that the MSIS audits had a
poor return on investment, the number of unproductive audits, or the
reasons for the unproductive audits.[Footnote 27] Moreover, since
issuing its 2010 annual report, CMS has assigned new tasks to its
review contractors such as reexamining old final algorithm reports to
improve provider target selection and new cross-state analyses using
MSIS data. But CMS has not yet articulated for Congress how these
activities complement the redesign or how such activities will be used
to identify overpayments.
The MIG is preparing a new strategic plan--its Comprehensive Medicaid
Integrity Plan covering Fiscal Years 2013 through 2017--which it plans
to submit to Congress in the summer of 2012. According to MIG
officials, the new strategic plan will generally describe shortcomings
in the NMAP's original design and how the redesign will address those
shortcomings. However, MIG officials told us that they do not plan to
discuss the effectiveness of the use of funds for MSIS audits, or
explain how the MIG will monitor and evaluate the redesign. In its
fiscal year 2013 HHS budget justification for CMS, the department
indicated that in the future CMS would not report separately on the
NMAP return on investment. HHS explained that it had become apparent
that the ability to identify overpayments is not, and should not be,
limited to the activities of the Medicaid integrity contractors.
Rather, HHS said it is considering new measures that better reflect
the resources invested through the Medicaid Integrity Program. Federal
internal control standards provide that effective program plans are to
clearly define needs, tie activities to organizational objectives and
goals, and include a framework for evaluation and monitoring. Based on
these standards, the poor performance of the MSIS audits should have
triggered an evaluation of the program, particularly given the DRA
requirement for CMS to report annually to Congress on the
effectiveness of the use of funds appropriated for the Medicaid
Integrity Program.
Conclusions:
In approximately 5 years of implementation, the MIG has spent at least
$102 million on contractors for an audit program that has identified
less than $20 million in potential overpayments. Moreover, almost two-
thirds of these potential overpayments were identified in a small
number of test and collaborative audits that used different data and
took a different approach to identifying audit targets than the MSIS
audits, which comprised the vast majority of the program's audits. The
poor performance of the MSIS audits can largely be traced to the MIG's
decision to use MSIS data to generate audit leads, although evidence
showed that (1) these data were inappropriate for auditing, and (2)
alternative data sources were both available and effective in
identifying potential overpayments. Ineffective coordination with
states and a limited understanding of state Medicaid policies on the
part of the MIG's contractors also contributed to the poor results of
the MSIS audits.
Although the MIG recognizes that the MSIS audits have performed far
below expectations, it has not quantified how expenditures to date
have compared with identified recoveries. Currently, the MIG is
experimenting with a promising approach in which the states identify
appropriate targets, provide the more complete MMIS data, and actively
participate in the audits. This collaborative audit approach has
identified $4.4 million in potential overpayments and is largely
supported by the states we spoke with, even though they may have to
invest their own resources in these audits. However, the MIG has not
articulated how its redesign will address flaws in NMAP and it also
plans to continue using MSIS data, despite their past experience with
these data, for cross-state analysis and for states that are not
willing to participate in collaborative audits. At this time, the MIG
is preparing a new comprehensive plan for Congress that outlines the
components of the NMAP redesign. The details provided in such a plan
will be critical to evaluating the effectiveness of the redesign and
the agency's long-term plan to improve the data necessary to conduct
successful audits. Transparent communications and a well-articulated
strategy to monitor and continuously improve NMAP are essential
components of any plan seeking to demonstrate that the MIG can
effectively manage the program.
Recommendations for Executive Action:
To effectively redirect the NMAP toward more productive outcomes and
to improve reporting under the DRA, the CMS Administrator should
ensure that the MIG's:
* planned update of its comprehensive plan (1) quantifies the NMAP's
expenditures and audit outcomes; (2) addresses any program
improvements; and (3) outlines plans for effectively monitoring the
NMAP program, including how to validate and use any lessons learned or
feedback from the states to continuously improve the audits;
* future annual reports to Congress clearly address the strengths and
weaknesses of the audit program and its effectiveness; and:
* use of NMAP contractors supports and expands states' own program
integrity audits, engages additional states that are willing to
participate in collaborative audits, and explicitly considers state
burden when conducting audit activities.
Agency Comments and Our Evaluation:
We provided a draft of this report to HHS for comment. In its written
comments, HHS stated that we had not appropriately recognized the
progress CMS has made in evaluating and improving the Medicaid
Integrity Program, which included the agency's redesign of NMAP.
Collaborative audits were the core of that redesign. HHS described
CMS's redesign approach as a phased one in which not all elements had
been finalized when the agency announced the redesign in its June 2011
annual report to Congress (covering fiscal year 2010). HHS also
commented that we did not fully describe the reasons for CMS's use of
MSIS data. HHS partially concurred with our first recommendation and
fully concurred with the other two recommendations. HHS's comments are
reproduced in appendix IV.
General Comments:
Although we characterized collaborative audits as a promising new
approach, HHS commented that we (1) did not acknowledge that CMS had
presented its rationale for the NMAP redesign in the agency's June
2011 annual report to the Congress, and (2) inappropriately criticized
CMS for not including other redesign details in its report, which HHS
said had not yet been finalized. We continue to believe that a full
articulation of the redesign should include transparent reporting of
the results of the MSIS audits. However, we agree that the June 2011
report, which was released 18 months after the initiation of
collaborative audits, described their advantages--use of better data,
augmenting state resources, and providing analytic support for states
lacking that capability. Regarding the use of MSIS data, HHS stated
that we do not fully describe CMS's reason for its use or acknowledge
that CMS sought alternative data sources to supplement or replace MSIS
data. We disagree because our report provides CMS's reasons for using
MSIS data, acknowledges CMS's awareness of the MSIS data limitations,
and discusses its Transformed MSIS project to improve the quality of
MSIS data. In addition, we pointed out that officials in 13 of the 16
states we contacted volunteered that they were willing to provide CMS
with their own more complete and timely MMIS data. We agree with HHS's
comment that not all of CMS's plans for the redesign may have been
complete at the time the June 2011 annual report to Congress was being
finalized and therefore could not have been included in that report.
We have revised this report to acknowledge that some of the elements
of the redesign may not have been initiated until after the June 2011
report was finalized.
Comments on Our Recommendations:
HHS agreed with two of three elements related to our first
recommendation regarding CMS's planned update of its Comprehensive
Medicaid Integrity Plan covering fiscal years 2013 to 2017. HHS agreed
that the planned update should (1) address any NMAP improvements
proposed by CMS, and (2) outline CMS's plans for effectively
monitoring the NMAP. HHS commented that CMS considers transparency of
the program's performance to be a top priority. However, HHS did not
concur that the update should quantify NMAP's expenditures and audit
outcomes; CMS considers such information to be more appropriately
presented in the annual reports to Congress, which already includes
dollar figures on annual expenditures for NMAP and overpayments
identified in each fiscal year. CMS's annual reports to Congress have
provided a snapshot of results that did not differentiate between the
effectiveness of the various audit approaches used. For example, in
its annual report covering fiscal year 2010, CMS reported that 947
audits were underway in 45 states and that its contractors had
identified cumulative potential overpayments of about $10.7 million.
Based on our analysis of CMS's data, MSIS audits had only identified
overpayments of $2.4 million as of September 30, 2010. The remaining
$8.4 million in overpayments were identified during the test audit
phase, in which states identified the audit targets and supplied their
own MMIS data. We continue to believe that CMS should more fully
report on NMAP expenditures and audit outcomes in its annual reports
and provide an overall assessment of NMAP in its next comprehensive
plan.
HHS concurred with our recommendation that CMS should clearly address
NMAPs strengths, weaknesses, and effectiveness in the agency's annual
reports to Congress. HHS noted that in CMS's December 7, 2011
congressional testimony the agency had reported its awareness of the
limitations of MSIS data and outlined steps to improve contractors'
access to better quality Medicaid data. HHS also concurred with our
recommendation that CMS's use of NMAP contractors should support and
expand states' own audit activities, engage other willing states, and
explicitly consider state burden when conducting collaborative audits.
HHS reported that since February 2012 CMS had increased the number of
collaborative audits by 25--from 112 audits in 11 states to 137 in 15
states. Based on HHS comments, we made technical changes as
appropriate.
As agreed with your office, unless you publicly announce the contents
of this report earlier, we plan no further distribution until 30 days
from the report date. At that time, we will send copies to the
Secretary of Health and Human Services, the Acting Administrator of
CMS, appropriate congressional committees, and other interested
parties. In addition, the report will be available at no charge on the
GAO website at [hyperlink, http://www.gao.gov].
If you or your staffs have any questions about this report, please
contact me at (202) 512-7114 or yocomc@gao.gov. Contact points for our
Offices of Congressional Relations and Public Affairs may be found on
the last page of this report. Major contributions to this report are
listed in appendix V.
Signed by:
Carolyn L. Yocom:
Director, Health Care:
[End of section]
Appendix I: Status of Medicaid Statistical Information System (MSIS)
Audits:
Table 2: Status of MSIS Audits, by Fiscal Year of Assignment and Audit
Stage Conducted through February 2012:
Audit stage: Audit reports: Final;
2008: 9;
2009: 38;
2010: 12;
2011: 0;
Total (percent): 59 (4%).
Audit stage: Audit reports: Draft;
2008: 1;
2009: 111;
2010: 174;
2011: 10;
Total (percent): 296 (19%).
Audit stage: Audit reports: Total;
2008: 10;
2009: 149;
2010: 186;
2011: 10;
Total (percent): 355 (23%).
Audit stage: Audits ongoing;
2008: 0;
2009: 6;
2010: 67;
2011: 45;
Total (percent): 118 (8%).
Audit stage: Unproductive;
2008: 10;
2009: 379;
2010: 542;
2011: 146;
Total (percent): 1,077 (69%).
Audit stage: Total;
2008: 20;
2009: 534;
2010: 795;
2011: 201;
Total (percent): 1,550 (100%).
Source: GAO analysis of CMS data.
Note: MSIS ongoing audits include those assigned and in the
implementation phase. Unproductive Medicaid Statistical Information
System (MSIS) audits include those that were discontinued, had low or
no overpayments, or were put on hold.
[End of table]
[End of section]
Appendix II: Information on Medicaid Statistical Information System
Audits that Identified Potential Overpayments:
The 59 MSIS audits that successfully identified potential overpayments
were conducted in 16 states, and most of these audits involved
hospitals (30 providers) and pharmacies (17 providers). These provider
types also had the highest potential overpayments--over $6 million for
hospitals and $600,000 for pharmacies. Arkansas and Florida accounted
for over half of the audits that identified potential overpayments,
but the most substantial overpayments were in Delaware ($4.6 million)
and the District of Columbia ($1.7 million). (See tables 3 and 4.)
Table 3: Number of Successful MSIS Audits, by State and Provider Type:
State: Arkansas;
Home health: 0;
Hospital: 1;
Pharmacy: 13;
Long-term care: 0;
Other: 0;
Total: 14.
State: Colorado;
Home health: 0;
Hospital: 0;
Pharmacy: 0;
Long-term care: 0;
Other: 1;
Total: 1.
State: Delaware;
Home health: 0;
Hospital: 5;
Pharmacy: 1;
Long-term care: 0;
Other: 0;
Total: 6.
State: District of Columbia;
Home health: 0;
Hospital: 2;
Pharmacy: 0;
Long-term care: 2;
Other: 0;
Total: 4.
State: Florida;
Home health: 3;
Hospital: 12;
Pharmacy: 1;
Long-term care: 1;
Other: 0;
Total: 17.
State: Iowa;
Home health: 0;
Hospital: 0;
Pharmacy: 0;
Long-term care: 0;
Other: 1;
Total: 1.
State: Kansas;
Home health: 0;
Hospital: 1;
Pharmacy: 0;
Long-term care: 0;
Other: 0;
Total: 1.
State: Kentucky;
Home health: 0;
Hospital: 0;
Pharmacy: 0;
Long-term care: 0;
Other: 1;
Total: 1.
State: Mississippi;
Home health: 0;
Hospital: 0;
Pharmacy: 0;
Long-term care: 0;
Other: 1;
Total: 1.
State: New Mexico;
Home health: 0;
Hospital: 1;
Pharmacy: 0;
Long-term care: 0;
Other: 0;
Total: 1.
State: Pennsylvania;
Home health: 0;
Hospital: 0;
Pharmacy: 0;
Long-term care: 1;
Other: 0;
Total: 1.
State: South Carolina;
Home health: 0;
Hospital: 5;
Pharmacy: 0;
Long-term care: 0;
Other: 0;
Total: 5.
State: South Dakota;
Home health: 0;
Hospital: 1;
Pharmacy: 0;
Long-term care: 0;
Other: 0;
Total: 1.
State: Texas;
Home health: 0;
Hospital: 1;
Pharmacy: 0;
Long-term care: 1;
Other: 0;
Total: 2.
State: Utah;
Home health: 0;
Hospital: 0;
Pharmacy: 1;
Long-term care: 0;
Other: 0;
Total: 1.
State: Virginia;
Home health: 0;
Hospital: 1;
Pharmacy: 1;
Long-term care: 0;
Other: 0;
Total: 2.
State: Total;
Home health: 3;
Hospital: 30;
Pharmacy: 17;
Long-term care: 5;
Other: 4;
Total: 59.
Source: GAO analysis of CMS data.
Note: Data presented are through February 2012. 'Other' includes
single MSIS audits in the following categories: other, behavioral
health, managed care organization, and physician.
[End of table]
Table 4: Amount of Potential Overpayments Identified by Successful
MSIS Audits, by State and Provider Type:
State: Arkansas; Home health: [Empty];
Hospital: $11,305; Pharmacy: $252,910;
Long-term care: [Empty];
Other: [Empty];
Total: $264,215.
State: Colorado;
Home health: [Empty];
Hospital: [Empty];
Pharmacy: [Empty];
Long-term care: [Empty];
Other: $2,376;
Total: $2,376.
State: Delaware;
Home health: [Empty];
Hospital: $4,276,898;
Pharmacy: $338,106;
Long-term care: [Empty];
Other: [Empty];
Total: $4,615,004.
State: District of Columbia;
Home health: [Empty];
Hospital: $1,558,753;
Pharmacy: [Empty];
Long-term care: $152,767;
Other: [Empty];
Total: $1,711,520.
State: Florida;
Home health: $51,008;
Hospital: $220,974;
Pharmacy: $32,725;
Long-term care: $22,619;
Other: [Empty];
Total: $327,326.
State: Iowa;
Home health: [Empty];
Hospital: [Empty];
Pharmacy: [Empty];
Long-term care: [Empty];
Other: $31,875;
Total: $31,875.
State: Kansas;
Home health: [Empty];
Hospital: $25,165;
Pharmacy: [Empty];
Long-term care: [Empty];
Other: [Empty];
Total: $25,165.
State: Kentucky;
Home health: [Empty];
Hospital: [Empty];
Pharmacy: [Empty];
Long-term care: [Empty];
Other: $9,445;
Total: $9,445.
State: Mississippi;
Home health: [Empty];
Hospital: [Empty];
Pharmacy: [Empty];
Long-term care: [Empty];
Other: $2,390;
Total: $2,390.
State: New Mexico;
Home health: [Empty];
Hospital: $14,821;
Pharmacy: [Empty];
Long-term care: [Empty];
Other: [Empty];
Total: $14,821.
State: Pennsylvania;
Home health: [Empty];
Hospital: [Empty];
Pharmacy: [Empty];
Long-term care: $4,856;
Other: [Empty];
Total: $4,856.
State: South Carolina;
Home health: [Empty];
Hospital: $92,535;
Pharmacy: [Empty];
Long-term care: [Empty];
Other: [Empty];
Total: $92,535.
State: South Dakota;
Home health: [Empty];
Hospital: $90,465;
Pharmacy: [Empty];
Long-term care: [Empty];
Other: [Empty];
Total: $90,465.
State: Texas;
Home health: [Empty];
Hospital: $6,843;
Pharmacy: [Empty];
Long-term care: 108,940;
Other: [Empty];
Total: $115,783.
State: Utah;
Home health: [Empty];
Hospital: [Empty];
Pharmacy: $27,521;
Long-term care: [Empty];
Other: [Empty];
Total: $27,521.
State: Virginia;
Home health: [Empty];
Hospital: $36,808;
Pharmacy: $3,197;
Long-term care: [Empty];
Other: [Empty];
Total: $40,005.
Total;
Home health: $51,008;
Hospital: $6,334,568;
Pharmacy: $654,459;
Long-term care: $289,182;
Other: $46,086;
Total: $7,375,303.
Source: GAO analysis of CMS data.
Note: Data presented are through February 2012. 'Other' includes
single Medicaid Statistical Information System (MSIS) audits in the
following categories: other, behavioral health, managed care
organization, and physician.
[End of table]
[End of section]
Appendix III: Status of Collaborative Audits:
Table 5: Status of Collaborative Audits, by Fiscal Year of Assignment
and Audit Stage:
Audit stage: Audit reports: Draft;
2010: 14;
2011: 4;
2012: 0;
Total (percent): 18 (16%).
Audit stage: Audit reports: Final;
2010: 6;
2011: 0;
2012: 0;
Total (percent): 6 (5%).
Audit stage: Audit reports: Total;
2010: 20;
2011: 4;
2012: 0;
Total (percent): 24 (21%).
Audit stage: Audits ongoing;
2010: 24;
2011: 20;
2012: 41;
Total (percent): 85 (76%).
Audit stage: Unproductive;
2010: 3;
2011: 0;
2012: 0;
Total (percent): 3 (3%).
Audit stage: Total;
2010: 47;
2011: 24;
2012: 41;
Total (percent): 112 (100%).
Source: GAO analysis of CMS data.
Note: Data presented are through February 2012. Ongoing collaborative
audits include those assigned and in the implementation phase.
Unproductive collaborative audits include those that were
discontinued, had low or no overpayments, or were put on hold.
[End of table]
Table 6: Number of Successful Collaborative Audits, by State and
Provider Type:
Arkansas;
Hospice: 0;
Hospital: 0;
Long-term care: 1;
Total: 1.
California;
Hospice: 0;
Hospital: 1;
Long-term care: 1;
Total: 2.
Maryland;
Hospice: 3;
Hospital: 0;
Long-term care: 0;
Total: 3.
Total;
Hospice: 3;
Hospital: 1;
Long-term care: 2;
Total: 6.
Source: GAO analysis of CMS data.
Note: Data presented are through February 2012.
[End of table]
Table 7: Amount of Potential Overpayments Identified by Successful
Collaborative Audits, by State and Provider Type:
Arkansas;
Hospice: [Empty];
Hospital: [Empty];
Long-term care: $225,751;
Total: $225,751.
California;
Hospice: [Empty];
Hospital: $1,136,711;
Long-term care: $59,923;
Total: $1,196,634.
Maryland;
Hospice: $2,944,875;
Hospital: [Empty];
Long-term care: [Empty];
Total: $2,944,875.
Total;
Hospice: $2,944,875;
Hospital: $1,136,711;
Long-term care: $285,674;
Total: $4,367,260.
Source: GAO analysis of CMS data.
Note: Data presented are through February 2012.
[End of table]
[End of section]
Appendix IV: Comments from the Department of Health and Human Services:
Department of Health & Human Services:
Office of The Secretary:
Assistant Secretary for Legislation:
Washington, DC 20201:
June 5, 2012:
Carolyn Yocom:
Director, Health Care:
U.S. Government Accountability Office:
441 G Street NW:
Washington, DC 20548:
Dear Ms. Yocom:
Attached are comments on the U.S. Government Accountability Office's
(GAO) report entitled: "National Medicaid Audit Program: CMS Should
Improve Reporting and Focus on Audit Collaboration with States" (GAO-
12-627).
The Department appreciates the opportunity to review this draft
section of the report prior to publication.
Sincerely,
Signed by:
Jim R. Esquea:
Assistant Secretary for Legislation:
Attachment:
[End of letter]
General Comments Of The Department Of Health And Human Services (HHS)
On The Government Accountability Office's (GAO) Draft Report Entitled,
"National Medicaid Audit Program: CMS Should Improve Reporting And
Focus On Audit Collaboration With States" (GAO-12-627):
The Department appreciates the opportunity to comment on this draft
report. With respect to the issues addressed by GAO, IIHS does not
think the GAO report appropriately recognizes the progress CMS has
made in its own evaluation and improvement efforts in the Medicaid
Integrity Program.
Beginning in early 2010, CMS, based on internal analyses,
environmental assessments, parallel discussions with stakeholders, as
well as reviews of Medicaid Integrity Contractors' (MIC) performance,
determined that the initial model of the Medicaid Integrity Program
required fundamental changes in how it conducts its work. CMS is
addressing this need for change and opportunities for program
improvements in the upcoming Comprehensive Medicaid Integrity Plan
(CMIP) for fiscal year (FY) 2013 — FY 2017. The redesign plan for
Medicaid program integrity will recognize the increasing penetration
of Medicaid managed care, anticipated growth in enrollment in the
Medicaid program, the influence of new state Medicaid recovery audit
contractors, as well as the need to eliminate redundant and
inefficient practices.
The 2010 Annual Report to Congress on the Medicaid Integrity Program
contained a section entitled "Redesign of the National Audit Program"
that described how CMS was approaching improvements to Medicaid
program integrity. An integral change in that redesign was the new
focus on collaborative auditing projects with the states, which moved
away from traditional stand-alone federal audits that relied on state-
reported data from the Medicaid Statistical Information System (MSIS).
CMS is implementing the program redesign as a phased approach that
involves piloting new concepts and sharing best practices with states,
as well as total or supplementary use of direct state data for
Medicaid Integrity Program audits.
Meanwhile, CMS is working vigorously to reconfigure how to best review
and audit Medicaid providers through its contractors. This
reconfiguration includes expanding that review to include improving
oversight of managed care entities, improving identification of audit
targets like high-risk providers serving both Medicare and Medicaid
beneficiaries, overhauling CMS' contractor structure, and enhancing
support to states in their recovery of overpayments.
HHS would like to provide the following general comments on issues
that are germane to certain conclusions in the draft report before
responding to the report's recommendations.
General Comments:
GAO's draft report cites certain information regarding the "Annual
Report to Congress on the Medicaid Integrity Program for Fiscal Year
2010," which leads GAO to conclude that development of the National
Medicaid Audit Program (NMAP) redesign has not been as transparent as
GAO would prefer. It is important to note that key aspects of the
redesign efforts were in the early stages of development when the
report to Congress was issued in June 2011, and it would have been
premature to include additional detail on potential program changes
that were not final.
The following examples indicate where CMS believes corrections are
necessary to accurately reflect the information pertaining to the FY
2010 report to Congress.
* In the executive summary, GAO states that the rationale for the
redesign of the audit program was not included in the FY 2010 report
to Congress. However, in the section entitled "Redesign of the
National Audit Program" in the FY 2010 report to Congress, CMS
specifically indicates the purpose, nature, and advantages of the
collaborative projects that are the core initiative of the redesign.
These statements present the rationale for the redesign that had been
developed at that time.
* GAO cites several activities that it believes CMS should have
included in the FY 2010 report to Congress; however, CMS had not
initiated these activities until after the report to Congress was
issued in June 2011. Specifically, GAO states that CMS did not include
an explanation of the following: 1) new analytical roles for
contractors, 2) the value of examining algorithm findings reports for
the then-current calendar year, and 3) review contractors' cross-state
analyses. The actions were not initiated until after the report was
finalized.
We would appreciate if GAO would revise its conclusions regarding the
report to Congress to reflect the status of the redesign that was
known at the time that the FY 2010 report to Congress was being
finalized, as noted above. The March 2011 meeting with contractors was
a turning point in initiating the NMAP redesign; therefore, plans for
the NMAP redesign were not complete when the FY 2010 report to
Congress was being finalized.
Lastly, HHS believes that the draft report does not fully describe the
reason that the MSIS data set was used in the beginning of the audit
program. GAO states that CMS officials said that MSIS was chosen
because "the data were readily available for all states, they are
collected and maintained by CMS, and are intended for health care
research and evaluation activities." These statements were offered to
provide background information on MSIS. CMS used MSIS data because
MSIS is the most valuable source of nationwide Medicaid claims and
beneficiary eligibility information. Moreover, one of the uses for
MSIS data is for program utilization and analysis; however, CMS
utilized MSIS data and documented its limitations, it sought
alternative data sources to supplement or replace the MSIS data. These
efforts to improve Medicaid data for program integrity are documented
in the CMIP for FY 2009 — FY 2013, in which CMS stated, "In FY 2008,
the Medicaid Integrity Group (MIG) identified data elements from
states' Medicaid Management Information System (MMIS) to supplement
MSIS data for program integrity use..." The GAO report should be
revised to more accurately reflect statements made by CMS regarding
the use of MSIS data for the NMAP.
GAO Recommendation:
The CMS Administrator should ensure that the MIG's planned update of
its comprehensive plan: 1) quantifies the NMAP's expenditures and
recoveries; 2) addresses any program improvements; and 3) outlines
plans for effectively monitoring the NMAP program, including how to
validate and use any lessons learned or feedback from the states to
continuously improve the audits.
HHS Response:
HHS concurs in part with this recommendation. Section 1936(d) of the
Social Security Act (the Act) requires that a comprehensive plan for
the Medicaid Integrity Program be established every 5 years. The CMIP
for FY 2013 — FY 2017, currently in preparation for publication later
this year, explicitly addresses program improvements and outlines
plans to effectively monitor the activities of contractors engaged to
carry out the activities mandated under the Act. CMS will incorporate
lessons learned and feedback from states and other stakeholders into
its plan to enhance the effectiveness of all aspects of the Medicaid
Integrity Program.
However, HHS does not concur with the first part of this
recommendation that the comprehensive plan should quantify the NMAP's
expenditures and recoveries. CMS considers the reporting of
expenditures and audit outcomes to he more appropriately presented in
the annual report to Congress, rather than in the comprehensive plan
due on a 5-year cycle. In fact, the Medicaid Integrity Program's
annual report to Congress already provides both expenditures and
identified overpayments pertaining to the activities of the MTCs
during each federal fiscal year (FFY). Additionally, although sections
1936(a) and (b)(3) of the Act require CMS to contract with eligible
entities to identify overpayments to providers, the recovery of
overpayments is outside the scope of the contract with these entities.
Ultimately, CMS considers transparency of the Medicaid Integrity
Program's performance to be a top priority and will continue to report
annually on both expenditures and identified overpayments pertaining
to the activities of the MICs.
GAO Recommendation:
The CMS Administrator should ensure that the MIG's future annual
reports to Congress clearly address the strengths and weaknesses of
the audit program and its effectiveness.
HHS Response:
HHS concurs with this recommendation, and CMS has already begun
reporting the strengths, weaknesses, and effectiveness of the audit
program. CMS has reported to Congress the dollar figures on annual
expenditures for MICs and overpayments identified by MICs during each
FFY.
The strengths of the audit program and the results of the test audits
and collaborative projects are noted in GAO's report and were
described in the FY 2010 report to Congress.
GAO identifies the major weakness of the audit program as low audit
outcomes for audits based on data from the MSIS, and attributes the
cause of the low return on these audits to the decision to use MSIS
data. Beyond the opportunity to report such information in the annual
report to Congress, we have previously reported to Congress on the
weaknesses of MSIS data for NMAP audits. In testimony before Congress
on December 7, 2011, CMS reported its awareness of the limitations of
the MSIS data, listed a number of its deficiencies, and outlined steps
CMS has taken to improve contractors' access to better quality
Medicaid data.
GAO Recommendation:
The CMS Administrator should ensure that the MIG's use of NMAP
contractors supports and expands states' own program integrity audits,
engages additional states that arc willing to participate in
collaborative audits, and explicitly considers state burden when
conducting audit activities.
HHS Response:
HHS concurs with this recommendation, which provides an overview of
the redesign initiatives that CMS has well underway for the NMAP. CMS
began this work in calendar year 2012. CMS assigned the earliest
collaborative audits in January 2010 and introduced the redesign of
the audit program in the FY 2010 report to Congress as an initiative
to focus audit contractors' efforts more closely on the successful
strategy of collaborative projects with states, based on states'
Medicaid claims data. As the GAO draft report attests, collaborative
audits allow states to augment their own program integrity audit
capacity by leveraging the resources of CMS and its contractors.
CMS is expanding the collaborative audit approach rapidly, actively
soliciting and engaging additional states as they are willing to
invest in joint efforts. CMS has added 25 collaborative audits in 4
additional states since the GAO's count of 112 collaborative audits
assigned in 11 states through February 2012, bringing the current
total to 137 collaborative audits in 15 states. These 15 states
represent approximately 53 percent of all Medicaid expenditures in FFY
2011, and CMS is in discussions with 15 additional states.
CMS is keenly sensitive to the burden on state Medicaid programs. The
collaborative audit approach reduces the burden on states by providing
states with the opportunity to propose audit targets and weigh the
costs and benefits of participation. We are encouraged by the finding
that most states interviewed by GAO consider the state resources
devoted to collaborative audits to be a worthwhile investment.
HHS appreciates GAO's efforts to provide an assessment of the NMAP and
the developing redesign. We look forward to working with GAO on this
and other issues in the future.
[End of section]
Appendix V: GAO Contact and Staff Acknowledgments:
GAO Contact:
Carolyn L. Yocom at (202) 512-7114 or yocomc@gao.gov.
Staff Acknowledgments:
In addition to the contact named above, key contributors to this
report were: Water Ochinko, Assistant Director; Sean DeBlieck; Leslie
V. Gordon; Drew Long; and Jasleen Modi.
[End of section]
Related GAO Products:
National Medicaid Audit Program: CMS Should Improve Reporting and
Focus on Audit Collaboration with States. [hyperlink,
http://www.gao.gov/products/GAO-12-814T]. Washington, D.C.: June 14,
2012.
Program Integrity: Further Action Needed to Address Vulnerabilities in
Medicaid and Medicare Programs. [hyperlink,
http://www.gao.gov/products/GAO-12-803T]. Washington, D.C.: June 7,
2012.
Medicaid: Federal Oversight of Payments and Program Integrity Needs
Improvement. [hyperlink, http://www.gao.gov/products/GAO-12-674T].
Washington, D.C.: April 25, 2012.
Medicaid Program Integrity: Expanded Federal Role Presents Challenges
to and Opportunities for Assisting States. [hyperlink,
http://www.gao.gov/products/GAO-12-288T]. Washington, D.C.: December
7, 2011.
Fraud Detection Systems: Additional Actions Needed to Support Program
Integrity Efforts at Centers for Medicare and Medicaid Services.
[hyperlink, http://www.gao.gov/products/GAO-11-822T]. Washington,
D.C.: July 12, 2011.
Fraud Detection Systems: Centers for Medicare and Medicaid Services
Needs to Ensure More Widespread Use. [hyperlink,
http://www.gao.gov/products/GAO-11-475]. Washington, D.C.: June 30,
2011.
Improper Payments: Recent Efforts to Address Improper Payments and
Remaining Challenges. [hyperlink,
http://www.gao.gov/products/GAO-11-575T]. Washington, D.C.: April 15,
2011.
Status of Fiscal Year 2010 Federal Improper Payments Reporting.
[hyperlink, http://www.gao.gov/products/GAO-11-443R]. Washington,
D.C.: March 25, 2011.
Medicare and Medicaid Fraud, Waste, and Abuse: Effective
Implementation of Recent Laws and Agency Actions Could Help Reduce
Improper Payments. [hyperlink,
http://www.gao.gov/products/GAO-11-409T]. Washington, D.C.: March 9,
2011.
Medicare: Program Remains at High Risk Because of Continuing
Management Challenges. [hyperlink,
http://www.gao.gov/products/GAO-11-430T]. Washington, D.C.: March 2,
2011.
Opportunities to Reduce Potential Duplication in Government Programs,
Save Tax Dollars, and Enhance Revenue. [hyperlink,
http://www.gao.gov/products/GAO-11-318SP]. Washington, D.C.: March 1,
2011.
High-Risk Series: An Update. [hyperlink,
http://www.gao.gov/products/GAO-11-278]. Washington, D.C.: February
2011.
Medicare Recovery Audit Contracting: Weaknesses Remain in Addressing
Vulnerabilities to Improper Payments, Although Improvements Made to
Contractor Oversight. [hyperlink,
http://www.gao.gov/products/GAO-10-143]. Washington, D.C.: March 31,
2010.
Medicaid: Fraud and Abuse Related to Controlled Substances Identified
in Selected States. [hyperlink,
http://www.gao.gov/products/GAO-09-1004T]. Washington, D.C.: September
30, 2009.
Medicaid: Fraud and Abuse Related to Controlled Substances Identified
in Selected States. [hyperlink,
http://www.gao.gov/products/GAO-09-957]. Washington, D.C.: September
9, 2009.
Improper Payments: Progress Made but Challenges Remain in Estimating
and Reducing Improper Payments. [hyperlink,
http://www.gao.gov/products/GAO-09-628T]. Washington, D.C.: April 22,
2009.
Medicaid: Thousands of Medicaid Providers Abuse the Federal Tax
System. [hyperlink, http://www.gao.gov/products/GAO-08-239T].
Washington, D.C.: November 14, 2007.
Medicaid: Thousands of Medicaid Providers Abuse the Federal Tax
System. [hyperlink, http://www.gao.gov/products/GAO-08-17].
Washington, D.C.: November 14, 2007.
Medicaid Financial Management: Steps Taken to Improve Federal
Oversight but Other Actions Needed to Sustain Efforts. [hyperlink,
http://www.gao.gov/products/GAO-06-705]. Washington, D.C.: June 22,
2006.
Medicaid Integrity: Implementation of New Program Provides
Opportunities for Federal Leadership to Combat Fraud, Waste, and
Abuse. [hyperlink, http://www.gao.gov/products/GAO-06-578T].
Washington, D.C.: March 28, 2006.
[End of section]
Footnotes:
[1] CMS is the federal agency within the Department of Health and
Human Services that oversees Medicaid.
[2] An improper payment is any payment that should not have been made
or that was made in an incorrect amount (including overpayments and
underpayments) under statutory, contractual, administrative, or other
legally applicable requirements. This definition includes any payment
to an ineligible recipient, any payment for an ineligible good or
service, any duplicate payment, any payment for a good or service not
received (except where authorized by law), and any payment that does
not account for credit for applicable discounts. Improper Payments
Elimination and Recovery Act of 2010, Pub. L. No. 111-204, § 2(e), 124
Stat. 2224, 2227 (codified at 31 U.S.C. § 3321 note).
[3] See GAO, Medicaid: State Efforts to Control Improper Payments,
[hyperlink, http://www.gao.gov/products/GAO-01-662] (Washington, D.C.:
June 7, 2001). A list of related products is included at the end of
this report.
[4] See GAO, Major Management Challenges and Program Risks: Department
of Health and Human Services, [hyperlink,
http://www.gao.gov/products/GAO-03-101] (Washington, D.C.: Jan. 1,
2003).
[5] The federal government matches states' expenditures for most
Medicaid services using a statutory formula based on each state's per
capita income. The 56 Medicaid programs include one for each of the 50
states, the District of Columbia, Puerto Rico, American Samoa, Guam,
the Commonwealth of the Northern Mariana Islands, and the U.S. Virgin
Islands. Hereafter, we refer to the 50 states and the District of
Columbia as states; all other entities were excluded from our work.
[6] See Pub. L. No. 109-171, § 6034, 120 Stat. 3, 74-78 (2006)
(codified at 42 U.S.C. § 1396u-6).
[7] See GAO, Medicaid Program Integrity: Expanded Federal Role
Presents Challenges to and Opportunities for Assisting States,
[hyperlink, http://www.gao.gov/products/GAO-12-288T] (Washington,
D.C.: Dec. 7, 2011).
[8] Test audits began in June 2007 and were completed in December
2010. Contracts for MSIS audits were issued in December 2007 and MSIS
audits were assigned to audit contractors in September 2008.
Collaborative audits were assigned to audit contractors in January
2010. As of February 2012, a number of MSIS audits and collaborative
audits are ongoing.
[9] The five states were the District of Columbia, Florida,
Mississippi, Texas, and Washington.
[10] Within the MIG, the Division of Medicaid Integrity Contracting is
responsible for administrative oversight of the contracts and ensuring
that contractors meet the performance criteria. This division's staff
is involved in developing the scope of work for contracts, but the
detailed contents of the contracts are largely developed by other
divisions within MIG.
[11] HHS-OIG, MSIS Data Usefulness for Detecting Fraud, Waste, and
Abuse, OEI-04-07-00240 (August 2009); HHS-OIG, Top Management and
Performance Challenges Facing the Department of Health and Human
Services in Fiscal Year 2011 (November 2011).
[12] Algorithms target specific types of potential overpayments, such
as services provided after a beneficiary's date of death or duplicate
claims that appear to be for the same service. The MIG and review
contractors both contribute to algorithm development. The MIG
maintains about 100 algorithms.
[13] HHS-OIG, Early Assessment of Review Medicaid Integrity
Contractors, OEI-05-10-00200 (February 2012).
[14] The first MSIS audits were assigned to audit contractors in
September 2008. The most recent MSIS audits were assigned in February
2011.
[15] In addition to MMIS data, collaborative audits in one state used
state-supplied data to determine if a provider had been reimbursed by
other payers, such as Medicare, for claims that Medicaid had already
paid.
[16] Review contractors were not involved during the test audits
because the states provided the initial audit leads.
[17] Expenditures for the test audits were about $4.3 million, and do
not include the contractor's work on provider appeals. The MIG could
not break out expenditures separately for collaborative audits. The
MIG's review and audit contractors are paid on a cost plus award fee
basis which reimburses the contractors' costs of completing each task
and allows CMS to remit an additional award if certain performance
targets are met.
[18] In March 2012, the HHS-OIG reported that seven collaborative
audits had identified $6.2 million in overpayments. According to the
MIG, this estimate was based on draft audit report findings, which in
some instances were higher than the amounts reported in final audit
reports. HHS-OIG, Early Assessment of Audit Medicaid Integrity
Contractors, OEI-05-10-00210 (March 2012).
[19] Although the overall return on investment was negative, we did
not attempt to quantify it and instead use the term poor to describe
the return.
[20] The MIG generally considers overpayments of $2,000 or less as too
low to merit collection, but it has issued final audit reports for
less than that amount.
[21] The HHS-OIG report, published in March 2012, was based on an
analysis of NMAP audits assigned between January and June 2010. See
OEI-05-10-00210.
[22] In August 2009, the HHS-OIG reported that MSIS does not contain
many of the data elements needed for detecting improper payments and
that the average age of the data was more than 1-year old. For the HHS-
OIG report, the MIG provided HHS-OIG with a list of missing data
elements that would be useful for Medicaid fraud, waste, and abuse
analysis. See OEI-04-07-00240.
[23] In addition, a MIG audit contractor already had established
positive business relationships with state Medicaid agencies, which
gave it access to state MMIS data. When we spoke to MIG officials,
they confirmed that they had discussed the use of MMIS data with an
audit contractor, but told us that states' data use agreements with
the contractor were an impediment to the contractor's referencing
those data while performing MSIS audits.
[24] Clinical staff help make determinations on the medical necessity
of the care documented in the claim.
[25] The 10 states are Arizona, Arkansas, California, New Jersey, New
Mexico, North Carolina, Tennessee, Texas, Oregon, and Washington.
[26] A February 2012 HHS-OIG report recommended that the review
contractors make specific recommendations about audit targets based on
their analyses. See OEI-05-10-00200. Although the task order for
review contractors calls for them to identify and recommend leads for
audit contractors, the MIG only required the review contractors to
submit lists of providers ranked by the amount of potential
overpayment. These lists, which did not contain recommendations, were
used by the MIG to assign audits to the audit contractors.
[27] Although CMS has not reported the poor return on investment for
MSIS audits, in its recent budget justifications HHS reported that the
Medicaid Integrity Program overall had positive return on investment.
It is difficult to assess this overall return on investment because
CMS has not clearly described its reporting metrics.
[End of section]
GAO’s Mission:
The Government Accountability Office, the audit, evaluation, and
investigative arm of Congress, exists to support Congress in meeting
its constitutional responsibilities and to help improve the
performance and accountability of the federal government for the
American people. GAO examines the use of public funds; evaluates
federal programs and policies; and provides analyses, recommendations,
and other assistance to help Congress make informed oversight, policy,
and funding decisions. GAO’s commitment to good government is
reflected in its core values of accountability, integrity, and
reliability.
Obtaining Copies of GAO Reports and Testimony:
The fastest and easiest way to obtain copies of GAO documents at no
cost is through GAO’s website [hyperlink, http://www.gao.gov]. Each
weekday afternoon, GAO posts on its website newly released reports,
testimony, and correspondence. To have GAO e-mail you a list of newly
posted products, go to [hyperlink, http://www.gao.gov] and select “E-
mail Updates.”
Order by Phone:
The price of each GAO publication reflects GAO’s actual cost of
production and distribution and depends on the number of pages in the
publication and whether the publication is printed in color or black
and white. Pricing and ordering information is posted on GAO’s
website, [hyperlink, http://www.gao.gov/ordering.htm].
Place orders by calling (202) 512-6000, toll free (866) 801-7077, or
TDD (202) 512-2537.
Orders may be paid for using American Express, Discover Card,
MasterCard, Visa, check, or money order. Call for additional
information.
Connect with GAO:
Connect with GAO on facebook, flickr, twitter, and YouTube.
Subscribe to our RSS Feeds or E mail Updates. Listen to our Podcasts.
Visit GAO on the web at [hyperlink, http://www.gao.gov].
To Report Fraud, Waste, and Abuse in Federal Programs:
Contact:
Website: [hyperlink, http://www.gao.gov/fraudnet/fraudnet.htm];
E-mail: fraudnet@gao.gov;
Automated answering system: (800) 424-5454 or (202) 512-7470.
Congressional Relations:
Katherine Siggerud, Managing Director, siggerudk@gao.gov, (202) 512-4400
U.S. Government Accountability Office, 441 G Street NW, Room 7125
Washington, DC 20548.
Public Affairs:
Chuck Young, Managing Director, youngc1@gao.gov, (202) 512-4800
U.S. Government Accountability Office, 441 G Street NW, Room 7149
Washington, DC 20548.